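Chapter 2: Introduction to Cryptographic Techniques
(some slides by Lawrie Brown)

I. Basic Concepts of Modern Cryptography

  1949: Shannon, "Communication Theory of Secrecy Systems"
  1976: Diffie and Hellman, "New Directions in Cryptography"
        W. Diffie and M. E. Hellman, New Directions in Cryptography, IEEE Transactions on Information Theory, Vol. IT-22, No. 6, Nov 1976, pp. 644-654
  1977: the United States publishes and implements the Data Encryption Standard (DES)

(1) Basic terminology

  cryptology, cryptography, cryptanalysis, plaintext, ciphertext, algorithm, key, encryption, decryption, codebreaking

  plaintext - the original message
  ciphertext - the coded message
  cipher - algorithm for transforming plaintext to ciphertext
  key - info used in cipher known only to sender/receiver
  encipher (encrypt) - converting plaintext to ciphertext
  decipher (decrypt) - recovering plaintext from ciphertext
  cryptography - study of encryption principles/methods
  cryptanalysis (codebreaking) - the study of principles/methods of deciphering ciphertext without knowing key
  cryptology - the field of both cryptography and cryptanalysis

Model of a cryptographic communication system

Cryptosystem

  A cryptosystem is a five-tuple (M, C, K, E, D) satisfying the following conditions:
  (1) M is a finite set of possible plaintexts (the plaintext space);
  (2) C is a finite set of possible ciphertexts (the ciphertext space);
  (3) K is the finite set of all possible keys (the key space);
  *(4) for every k ∈ K there is an encryption algorithm and a corresponding decryption algorithm, which serve as the encryption and decryption functions and satisfy d_k(e_k(m)) = m, where m ∈ M.

  Notes:
  1*. Alice wants to send a plaintext M to Bob over an insecure channel. Let M = m1 m2 ... mn, where mi ∈ M. Alice uses the encryption algorithm E_k to compute ci = e_k(mi), 1 ≤ i ≤ n; the resulting ciphertext C = c1 c2 ... cn is sent over the channel. On receiving it, Bob decrypts with mi = d_k(ci) and obtains the plaintext M = m1 m2 ... mn.
  2*. The encryption function e_k must be injective, that is, a one-to-one function.
  3*. If M = C, then e_k is a permutation.
  4*. A good cipher algorithm derives its secrecy from the key alone.
  5*. If Alice and Bob use the same key in a communication, the cryptosystem is called symmetric; otherwise it is called asymmetric.

Symmetric Cipher Model

Requirements

  two requirements for secure use of symmetric encryption:
    a strong encryption algorithm
    a secret key known only to sender / receiver
      Y = E_K(X)
      X = D_K(Y)
  assume encryption algorithm is known
  implies a secure channel to distribute key

Algorithm? Key? Which should be secret?

  Security depends on the secrecy of the key, not the secrecy of the algorithm.
  Because:

Cryptography

  can characterize by:
    type of encryption operations used
      substitution / transposition / product
    number of keys used
      single-key or private / two-key or public
    way in which plaintext is processed
      block / stream

Classical ciphers

  Classical ciphers: the character is the basic unit of encryption
  Modern ciphers: the block of information is the basic unit of encryption
  transposition, substitution, shift substitution, multiplicative cipher, linear congruential cipher
  monoalphabetic substitution, polyalphabetic substitution

1. Transposition ciphers

  now consider classical transposition or permutation ciphers
  these hide the message by rearranging the letter order without altering the actual letters used
  can recognise these since they have the same frequency distribution as the original text

Rail Fence cipher

  write message letters out diagonally over a number of rows
  then read off cipher row by row
  eg. write message out as:
    m e m a t r h p r y
     e t e f e t e a t
  giving ciphertext MEMATRHTGPRYETEFETEOAAT
  Plaintext: meet me after party

Acrostic poem

  A seven-character quatrain by Xu Wenchang:
    The calm lake is a single hue, ten thousand acres of autumn, (平湖一色万顷秋)
    the lake's light stretches far and the water flows on. (湖光渺渺水长流)
    An autumn moon so round is rare in this world; (秋月圆圆世间少)
    the moon is fine in every season, but best of all in autumn. (月好四时最宜秋)

Row Transposition Ciphers

  a more complex scheme
  write letters of message out in rows over a specified number of columns
  then reorder the columns according to some key before reading off the rows
    Key:        3 4 2 1 5 6 7
    Plaintext:  a t t a c k p
                o s t p o n e
                d u n t i l t
                w o a m x y z
    Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ

2. Classical substitution ciphers

  where letters of plaintext are replaced by other letters or by numbers or symbols
  or if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns

Caesar cipher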

  earliest known substitution cipher
  by Julius Caesar
  first attested use in military affairs (Gaul)
  replaces each letter by the 3rd letter on
  example:
    meet me after the party
    PHHW PH DIWHU WKH SDUWB

(1) Shift substitution / additive substitution

  can define transformation as:
    a b c d e f g h i j k l m n o p q r s t u v w x y z
    D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
  mathematically give each letter a number
    a b c d e f g h i j  k  l  m
    0 1 2 3 4 5 6 7 8 9 10 11 12
    n  o  p  q  r  s  t  u  v  w  x  y  z
    13 14 15 16 17 18 19 20 21 22 23 24 25
  then have Caesar cipher as:
    C = E_k(m) = (m + k) mod 26
    m = D_k(C) = (C - k) mod 26

(2) Multiplicative substitution

    C = E_k(m) = m * k mod 26
    m = D_k(C) = C * k^-1 mod 26
  eg: 7 * 3 mod 26 = 21
      7^-1 (mod 26) = 15, since 7 * 15 mod 26 = 1
      21 * 15 mod 26 = 3

(3) Linear congruential (affine) cipher

    C = E_k(m) = (m * k1 + k0) mod 26
  Example: let k = (7, 3), and note that 7^-1 (mod 26) = 15. The encryption function is e_k(x) = 7x + 3, and the corresponding decryption function is d_k(y) = 15(y - 3) = 15y - 19. It is easy to see that
    d_k(e_k(x)) = d_k(7x + 3) = 15(7x + 3) - 19 = x + 45 - 19 = x (mod 26)
  To encrypt the plaintext hot, first convert the letters h, o, t to the numbers 7, 14, 19, then encrypt: decrypt:

Polyalphabetic substitution: the Vigenère cipher

  simplest polyalphabetic substitution cipher is the Vigenère Cipher
  effectively multiple Caesar ciphers
  key is multiple letters long: K = k1 k2 ... kd
  ith letter specifies ith alphabet to use
  use each alphabet in turn
  repeat from start after d letters in message
  decryption simply works in reverse

Example

  write the plaintext out
  write the keyword repeated above it
  use each key letter as a Caesar cipher key
  encrypt the corresponding plaintext letter
  eg using keyword deceptive
    key:        deceptivedeceptivedeceptive
    plaintext:  wearediscoveredsaveyourself
    ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ

Autokey Cipher

  ideally want a key as long as the message
  Vigenère proposed the autokey cipher
  with keyword prefixed to the message as key
  knowing keyword can recover the first few letters
  use these in turn on the rest of the message
  but still have frequency characteristics to attack
  eg. given key deceptive
    key:        deceptivewearediscoveredsav
    plaintext:  wearediscoveredsaveyourself
    ciphertext: ZICVTWQNGKZEIIGASXSTSLVVWLA

One-Time Pad

  if a truly random key as long as the message is used, the cipher will be secure
  called a One-Time Pad
  is unbreakable since ciphertext bears no statistical relationship to the plaintext
  since for any plaintext & any ciphertext there exists a key mapping one to other
  can only use the key once though
  have problem of safe distribution of key

Rotor Machines

  before modern ciphers, rotor machines were most common product cipher
  were widely used in WW2
    German Enigma, Allied Hagelin, Japanese Purple
  implemented a very complex, varying substitution cipher
  used a series of cylinders, each giving one substitution, which rotated and changed after each letter was encrypted
  with 3 cylinders have 26^3 = 17576 alphabets

Summary

  have considered:
    terminology
    classical cipher techniques
    transposition ciphers
    monoalphabetic substitution ciphers
    polyalphabetic ciphers
    product ciphers and rotor machines
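
An added example for the Rail Fence and Row Transposition slides (not part of the original slides): both ciphers with their inverses, run on the slides' own values. It assumes the row-transposition key lists 1-based column numbers in the order the columns are read out, top to bottom, which is the reading under which the slide's ciphertext is reproduced; all function names are hypothetical.

```python
def _rail_pattern(n, rails):
    """Row index visited by each of n letters written in zig-zag order."""
    if rails < 2:
        raise ValueError("need at least 2 rails")
    cycle = list(range(rails)) + list(range(rails - 2, 0, -1))
    return [cycle[i % len(cycle)] for i in range(n)]

def rail_fence_encrypt(plaintext, rails=2):
    pattern = _rail_pattern(len(plaintext), rails)
    # Read off row by row: all letters on rail 0, then rail 1, ...
    return "".join(ch for r in range(rails)
                   for ch, row in zip(plaintext, pattern) if row == r).upper()

def rail_fence_decrypt(ciphertext, rails=2):
    pattern = _rail_pattern(len(ciphertext), rails)
    # Stable sort by rail gives the plaintext position of each ciphertext letter.
    order = sorted(range(len(ciphertext)), key=lambda i: pattern[i])
    plain = [""] * len(ciphertext)
    for pos, ch in zip(order, ciphertext.lower()):
        plain[pos] = ch
    return "".join(plain)

def _check_order(read_order, length):
    ncols = len(read_order)
    if sorted(read_order) != list(range(1, ncols + 1)):
        raise ValueError("key must be a permutation of 1..number of columns")
    if length % ncols:
        raise ValueError("text must fill the last row (pad it, as with 'xyz')")
    return ncols

def row_transposition_encrypt(plaintext, read_order):
    ncols = _check_order(read_order, len(plaintext))
    rows = [plaintext[i:i + ncols] for i in range(0, len(plaintext), ncols)]
    # Assumed reading of the key: column numbers in the order they are read out.
    return "".join(row[c - 1] for c in read_order for row in rows).upper()

def row_transposition_decrypt(ciphertext, read_order):
    ncols = _check_order(read_order, len(ciphertext))
    nrows = len(ciphertext) // ncols
    grid = [[""] * ncols for _ in range(nrows)]
    for k, c in enumerate(read_order):          # k-th chunk belongs to column c
        for r, ch in enumerate(ciphertext[k * nrows:(k + 1) * nrows].lower()):
            grid[r][c - 1] = ch
    return "".join("".join(row) for row in grid)

if __name__ == "__main__":
    # Key, plaintext and ciphertext below are the values from the slides.
    print(row_transposition_encrypt("attackpostponeduntiltwoamxyz", [3, 4, 2, 1, 5, 6, 7]))
    print(rail_fence_decrypt("MEMATRHTGPRYETEFETEOAAT"))
```

Decrypting the Rail Fence slide's ciphertext with two rails returns meetmeafterthetogaparty, while the two rows written out on that slide read back as meetmeaftertheparty.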
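
An added example for the shift, multiplicative and affine substitutions (not part of the original slides): one affine routine covers all three, carries the k = (7, 3) example through for the plaintext hot, and shows why note 2* (the encryption function must be injective) restricts k1 to values with gcd(k1, 26) = 1. Function names are hypothetical; non-letters are passed through unchanged as an assumption.

```python
from math import gcd

def _check_key(k1):
    # e_k must be injective (note 2*): m -> m*k1 + k0 mod 26 is one-to-one
    # only when k1 is invertible mod 26, i.e. gcd(k1, 26) == 1.
    if gcd(k1, 26) != 1:
        raise ValueError(f"k1={k1} has no inverse mod 26; the map is not injective")

def affine_encrypt(plaintext, k1, k0):
    """k1=1 gives the shift (Caesar) cipher, k0=0 the multiplicative cipher."""
    _check_key(k1)
    out = []
    for ch in plaintext:
        if ch.isalpha():
            m = ord(ch.lower()) - ord("a")
            out.append(chr((m * k1 + k0) % 26 + ord("A")))
        else:
            out.append(ch)                 # assumption: spaces pass through
    return "".join(out)

def affine_decrypt(ciphertext, k1, k0):
    _check_key(k1)
    k1_inv = pow(k1, -1, 26)               # modular inverse (Python 3.8+)
    out = []
    for ch in ciphertext:
        if ch.isalpha():
            c = ord(ch.upper()) - ord("A")
            out.append(chr((c - k0) * k1_inv % 26 + ord("a")))
        else:
            out.append(ch)
    return "".join(out)

def image_size(k1, k0):
    """Number of distinct ciphertext letters m*k1 + k0 mod 26 can produce."""
    return len({(m * k1 + k0) % 26 for m in range(26)})

def valid_affine_keys():
    """All (k1, k0) pairs that give a decryptable affine cipher."""
    return [(k1, k0) for k1 in range(26) if gcd(k1, 26) == 1 for k0 in range(26)]

if __name__ == "__main__":
    print(affine_encrypt("hot", 7, 3))                      # slide's affine key
    print(affine_encrypt("meet me after the party", 1, 3))  # Caesar as k = (1, 3)
    print(image_size(13, 3), "letters reachable with k1 = 13")
```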
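
An added example for the Vigenère, Autokey and One-Time Pad slides (not part of the original slides): both ciphers reproduce the slides' ciphertexts for the keyword deceptive, autokey decryption rebuilds the key stream letter by letter, and pad_for shows the one-time-pad claim that some key maps any plaintext to any ciphertext of the same length. Function names are hypothetical, and input is assumed to be letters a-z with no spaces.

```python
import string
from itertools import cycle

A = string.ascii_lowercase

def _shift(text, key, sign):
    """Add (sign=+1) or subtract (sign=-1) key letters from text letters mod 26."""
    return "".join(A[(A.index(t) + sign * A.index(k)) % 26] for t, k in zip(text, key))

def vigenere_encrypt(plaintext, keyword):
    if not keyword:
        raise ValueError("empty keyword")
    # The keyword repeats: the alphabets are reused from the start after d letters.
    return _shift(plaintext, cycle(keyword), +1).upper()

def vigenere_decrypt(ciphertext, keyword):
    if not keyword:
        raise ValueError("empty keyword")
    return _shift(ciphertext.lower(), cycle(keyword), -1)

def autokey_encrypt(plaintext, keyword):
    # Key stream is the keyword followed by the plaintext itself.
    return _shift(plaintext, keyword + plaintext, +1).upper()

def autokey_decrypt(ciphertext, keyword):
    # Only the keyword is known at first; every recovered plaintext letter
    # is appended to the key stream and used len(keyword) letters later.
    key, out = list(keyword), []
    for i, c in enumerate(ciphertext.lower()):
        p = A[(A.index(c) - A.index(key[i])) % 26]
        out.append(p)
        key.append(p)
    return "".join(out)

def pad_for(plaintext, ciphertext):
    """The message-length key that maps this plaintext to this ciphertext."""
    if len(plaintext) != len(ciphertext):
        raise ValueError("pad must be as long as the message")
    return _shift(ciphertext.lower(), plaintext, -1)

PLAINTEXT = "wearediscoveredsaveyourself"    # from the slides
KEYWORD = "deceptive"                         # from the slides

if __name__ == "__main__":
    ct = vigenere_encrypt(PLAINTEXT, KEYWORD)
    print(ct)
    print(autokey_encrypt(PLAINTEXT, KEYWORD))
    # Constructed alternative plaintext: a suitable pad "explains" ct equally well.
    print(pad_for("nothingtoseeherepleasemoveo", ct))
```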